wroclaw-git-backups/nix
1
0
Fork 0
mirror of https://github.com/NixOS/nix synced 2025-06-24 22:11:15 +02:00
Code Activity

Ignore narSize and references when importing signatures

Browse source 
This way systems sharing signatures no longer need to exchange (or
hold on to) the size or references.

They should not matter: the signature is based on the fingerprint
which contains the narSize and references. Mathematically speaking
there could be collisions, but that would essentially mean
sha256/ed25519 is broken, in which case we're in trouble anyway?
This commit is contained in:
Arnout Engelen 2024-02-28 00:45:27 +01:00
parent c3e9e3d0c3
commit c62e785fb1
No known key found for this signature in database
GPG key ID: 061107B0F74A6DAA
1 changed files with 1 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

4
src/nix/sigs.cc
View file

@ -63,9 +63,7 @@ struct CmdCopySigs : StorePathsCommand
/* Don't import signatures that don't match this
binary. */
if (info->narHash != info2->narHash ||
info->narSize != info2->narSize ||
info->references != info2->references)
if (info->narHash != info2->narHash)
continue;
for (auto & sig : info2->sigs)